More on LinuxToday

SecurityFocus: Clues, Vandalism, Litter Sendmail Trojan Trail

"The Trojan horse discovered in a distribution of the Sendmail
open-source e-mail server has striking similarities to a backdoor
planted in OpenSSH last summer, according to security experts
who've analyzed the code. But missteps in the alerting process may
have given the culprits a chance to cover their tracks.

"The sophisticated backdoor came to light Tuesday through an
advisory from the government-funded Computer Emergency Response
Team (CERT) Coordination Center. CERT warned that copies of version
8.12.6 of Sendmail downloaded between September 28th and October
6th from the Sendmail Consortium's public FTP server contained the
backdoor.

"Once downloaded, the victim unwittingly activates the backdoor
by compiling Sendmail from source code. The malicious code then
establishes a secret control channel to a particular Internet host
over TCP port 6,667, according to the CERT advisory..."